Issues (663)

Security Analysis: not enabled

This project does not seem to handle request data directly; as such, no vulnerable execution paths were found.

  Cross-Site Scripting
Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.
  File Exposure
File Exposure allows an attacker to gain access to local files that they should not be able to access. These files can, for example, include database credentials or other configuration files.
  File Manipulation
File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.
  Object Injection
Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.
  Code Injection
Code Injection enables an attacker to execute arbitrary code on the server.
  Response Splitting
Response Splitting can be used to send arbitrary responses.
  File Inclusion
File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.
  Command Injection
Command Injection enables an attacker to inject a shell command that is executed with the privileges of the web server. This can be used to expose sensitive data or gain access to your server.
  SQL Injection
SQL Injection enables an attacker to execute arbitrary SQL code on your database server gaining access to user data, or manipulating user data.
  XPath Injection
XPath Injection enables an attacker to modify which parts of an XML document are read. If that XML document is, for example, used for authentication, this can lead to further vulnerabilities similar to SQL Injection.
  LDAP Injection
LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.
  Header Injection
  Other Vulnerability
This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.
  Regex Injection
Regex Injection enables an attacker to execute arbitrary code in your PHP process.
  XML Injection
XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.
  Variable Injection
Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.
Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

class/room.php (46 issues)

<?php
/**
 * $Id: room.php,v 1.42 2007/02/04 15:01:40 malanciault Exp $
 * Module:martin
 * Licence: GNU
 */

if (!defined("XOOPS_ROOT_PATH")) {
    die("XOOPS root path not defined");
}

include_once XOOPS_ROOT_PATH . '/modules/martin/include/common.php';

/**
 * Class MartinRoom
 */
class MartinRoom extends XoopsObject
{
    public function MartinRoom()
    {
        $this->initVar("room_id", XOBJ_DTYPE_INT, null, false);
        $this->initVar("hotel_id", XOBJ_DTYPE_INT, null, false);
        $this->initVar("room_count", XOBJ_DTYPE_INT, null, false);
        $this->initVar("hotel_name", XOBJ_DTYPE_TXTBOX, null, true, 45);
        $this->initVar("room_type_id", XOBJ_DTYPE_INT, null, false);
        $this->initVar("room_bed_type", XOBJ_DTYPE_INT, null, false);
        $this->initVar("room_type_info", XOBJ_DTYPE_TXTBOX, null, true, 45);
        $this->initVar("room_name", XOBJ_DTYPE_TXTBOX, null, true, 45);
        $this->initVar("room_area", XOBJ_DTYPE_INT, null, false);
        $this->initVar("room_floor", XOBJ_DTYPE_TXTBOX, null, true, 45);
        $this->initVar("room_initial_price", XOBJ_DTYPE_INT, null, false);
        $this->initVar("room_is_add_bed", XOBJ_DTYPE_INT, null, false);
        $this->initVar("room_add_money", XOBJ_DTYPE_INT, null, false);
        $this->initVar("room_bed_info", XOBJ_DTYPE_TXTAREA, null, false);
        $this->initVar("room_status", XOBJ_DTYPE_INT, null, false);
        $this->initVar("room_sented_coupon", XOBJ_DTYPE_INT, null, false);
    }

    /**
     * @return mixed
     */
    public function room_id()
    {
        return $this->getVar("room_id");
    }

    /**
     * @return mixed
     */
    public function hotel_id()
    {
        return $this->getVar("hotel_id");
    }

    /**
     * @return mixed
     */
    public function room_count()
    {
        return $this->getVar("room_count");
    }

    /**
     * @param string $format
     * @return mixed
     */
    public function hotel_name($format = 'S')
    {
        return $this->getVar("hotel_name", $format);
    }

    /**
     * @return mixed
     */
    public function room_type_id()
    {
        return $this->getVar("room_type_id");
    }

    /**
     * @return mixed
     */
    public function room_bed_type()
    {
        return $this->getVar("room_bed_type");
    }

    /**
     * @param string $format
     * @return mixed
     */
    public function room_type_info($format = 'S')
    {
        return $this->getVar("room_type_info", $format);
    }

    /**
     * @param string $format
     * @return mixed
     */
    public function room_name($format = 'S')
    {
        return $this->getVar("room_name", $format);
    }

    /**
     * @return mixed
     */
    public function room_area()
    {
        return $this->getVar("room_area");
    }

    /**
     * @param string $format
     * @return mixed
     */
    public function room_floor($format = 'S')
    {
        return $this->getVar("room_floor", $format);
    }

    /**
     * @return mixed
     */
    public function room_initial_price()
    {
        return $this->getVar('room_initial_price');
    }

    /**
     * @return mixed
     */
    public function room_is_add_bed()
    {
        return $this->getVar("room_is_add_bed");
    }

    /**
     * @return mixed
     */
    public function room_add_money()
    {
        return $this->getVar("room_add_money");
    }

    /**
     * @return mixed
     */
    public function room_status()
    {
        return $this->getVar("room_status");
    }

    /**
     * @param string $format
     * @return mixed
     */
    public function room_bed_info($format = 'S')
    {
        return $this->getVar("room_bed_info", $format);
    }

    /**
     * @param string $format
     * @return mixed
     */
    public function room_sented_coupon($format = 'S')
    {
        return $this->getVar("room_sented_coupon", $format);
    }
}

/**
 * @method: roomHandler
 * @license   http://www.blags.org/
 * @created   :2010-05-21 20:40
 * @copyright 1997-2010 The Martin Group
 * @author    Martin <[email protected]>
 * */
class MartinRoomHandler extends XoopsObjectHandler
{
    /**
     * create a new hotel city
     * @param bool $isNew flag the new objects as "new"?
     * @return object room
     */
    public function &create($isNew = true)
    {
        $room = new MartinRoom();
        if ($isNew) {
            $room->setNew();
        }

        return $room;
    }

    /**
     * retrieve a hotel city
     *
     * @param int $id roomid of the room
     * @return mixed reference to the {@link room} object, FALSE if failed
     */
    public function &get($id)

This method seems to be duplicated in your project.

Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation.

You can also find more detailed suggestions in the “Code” section of your repository.

    {
        if ((int)($id) <= 0) {
            return false;
        }

        $criteria = new CriteriaCompo(new Criteria('room_id', $id));
        $criteria->setLimit(1);
        $obj_array = $this->getObjects($criteria);
        if (count($obj_array) != 1) {
            $obj =& $this->create();

            return $obj;
        }

        return $obj_array[0];
    }

    /**
     * @get       rows
     * @license   http://www.blags.org/
     * @created   :2010-06-20 13:09
     * @copyright 1997-2010 The Martin Group
     * @author    Martin <[email protected]>
     * @param      $sql
     * @param null $key
     * @return array
     */
    public function GetRows($sql, $key = null)

This method seems to be duplicated in your project.

    {
        global $xoopsDB;
        $result = $xoopsDB->query($sql);
        $rows   = array();
        while ($row = $xoopsDB->fetchArray($result)) {
            if (is_null($key)) {
                $rows[] = $row;
            } else {
                $rows[$row[$key]] = $row;
            }
        }

        return $rows;
    }

    /**
     * @get list
     * @method:
     * @license   http://www.blags.org/
     * @created   :2010-05-23 14:59
     * @copyright 1997-2010 The Martin Group
     * @author    Martin <[email protected]>
     * @param int    $limit
     * @param int    $start
     * @param string $sort
     * @param string $order
     * @param bool   $id_as_key
     * @return array
     */
    public function &getRooms($limit = 0, $start = 0, $sort = 'room_id', $order = 'ASC', $id_as_key = true)

This method seems to be duplicated in your project.

    {
        $criteria = new CriteriaCompo();

        $criteria->setSort($sort);
        $criteria->setOrder($order);

        $criteria->setStart($start);
        $criteria->setLimit($limit);

        return $this->getObjects($criteria, $id_as_key);
    }

    /**
     * insert a new room in the database
     *
     * @param object $room reference to the {@link room} object
     * @param bool   $force
     * @return bool FALSE if failed, TRUE if already present and unchanged or successful
     */
    public function insert(&$room, $force = false)
    {
        if (strtolower(get_class($room)) !== 'martinroom') {
            return false;
        }

        if (!$room->cleanVars()) {
            return false;
        }

        foreach ($room->cleanVars as $k => $v) {
            ${$k} = $v;
        }

        if ($room->isNew()) {
            $sql = sprintf("INSERT INTO %s (
                                room_id,room_type_id,hotel_id,room_count,room_bed_type,room_name,room_area,
                                room_floor,room_initial_price,room_is_add_bed,
                                room_add_money,room_bed_info,room_status,room_sented_coupon
                            ) VALUES (
                                NULL,%u,%u,%u,%u,%s,%u,
                                %s,%u,%u,
                                %u,%s,%u,%u
                            )", $this->db->prefix('martin_room'), $room_type_id, $hotel_id, $room_count, $room_bed_type, $this->db->quoteString($room_name), $room_area, $this->db->quoteString($room_floor), $room_initial_price, $room_is_add_bed, $room_add_money, $this->db->quoteString($room_bed_info), $room_status, $room_sented_coupon);

The variable $room_type_id does not exist. Did you forget to declare it?

This check marks access to variables or properties that have not been declared yet. While PHP has no explicit notion of declaring a variable, accessing it before a value is assigned to it is most likely a bug.

The variable $hotel_id does not exist. Did you forget to declare it?
The variable $room_count does not exist. Did you forget to declare it?
The variable $room_bed_type does not exist. Did you forget to declare it?
The variable $room_name does not exist. Did you forget to declare it?
The variable $room_area does not exist. Did you forget to declare it?
The variable $room_floor does not exist. Did you forget to declare it?
The variable $room_initial_price does not exist. Did you forget to declare it?
The variable $room_is_add_bed does not exist. Did you forget to declare it?
The variable $room_add_money does not exist. Did you forget to declare it?
The variable $room_bed_info does not exist. Did you forget to declare it?
The variable $room_status does not exist. Did you forget to declare it?
The variable $room_sented_coupon does not exist. Did you forget to declare it?

        } else {
            $sql = sprintf("UPDATE %s SET
                                room_type_id = %u,
                                hotel_id = %u,
                                room_count = %u,
                                room_bed_type = %u,
                                room_name = %s,
                                room_area = %u,
                                room_floor = %s,
                                room_initial_price = %u,
                                room_is_add_bed = %u,
                                room_add_money = %u,
                                room_bed_info = %s,
                                room_status = %u,
                                room_sented_coupon = %u
                            WHERE room_id = %u", $this->db->prefix('martin_room'), $room_type_id, $hotel_id, $room_count, $room_bed_type, $this->db->quoteString($room_name), $room_area, $this->db->quoteString($room_floor), $room_initial_price, $room_is_add_bed, $room_add_money, $this->db->quoteString($room_bed_info), $room_status, $room_sented_coupon, $room_id);

The variable $room_id does not exist. Did you forget to declare it?

        }
        //echo $sql;exit;
        //echo "<br />" . $sql . "<br />";
        if (false != $force) {

Coding Style Best Practice
It seems like you are loosely comparing two booleans. Consider using the strict comparison !== instead.

When comparing two booleans, it is generally considered safer to use the strict comparison operator.

            $result = $this->db->queryF($sql);
        } else {
            $result = $this->db->query($sql);
        }
        if (!$result) {
            $room->setErrors('The query returned an error. ' . $this->db->error());

            return false;
        }
        if ($room->isNew()) {
            $room->assignVar('room_id', $this->db->getInsertId());
        }

        $room->assignVar('room_id', $room_id);

        return true;
    }

    /**
     * check hotel room exist
     * @access    public
     * @param $roomObj
     * @copyright 1997-2010 The Lap Group
     * @author    Martin <[email protected]>
     * @created   time :2010-06-28 11:08:41
     */
    public function CheckHotelRoomExist($roomObj)
    {
        $sql = "SELECT count(*) as count FROM " . $this->db->prefix("martin_room") . " WHERE room_type_id = " . $roomObj->room_type_id() . " ";
        $sql .= "AND hotel_id = " . $roomObj->hotel_id();
        list($count) = $this->db->fetchRow($this->db->query($sql));
        if (($roomObj->isNew() && $count > 0) || $count > 1) {
            return true;
        }

        return false;
    }

    /**
     * @delete a city
     * @method:delete(room_id)
     * @license   http://www.blags.org/
     * @created   :2010-05-21 20:40
     * @copyright 1997-2010 The Martin Group
     * @author    Martin <[email protected]>
     * @param object $room
     * @param bool   $force
     * @return bool|void
     */
    public function delete(&$room, $force = false)

This method seems to be duplicated in your project.

    {
        if (strtolower(get_class($room)) !== 'martinroom') {
            return false;
        }

        $sql = "DELETE FROM " . $this->db->prefix("martin_room") . " WHERE room_id = " . $room->room_id();

        if (false != $force) {

Coding Style Best Practice
It seems like you are loosely comparing two booleans. Consider using the strict comparison !== instead.

            $result = $this->db->queryF($sql);
        } else {
            $result = $this->db->query($sql);
        }

        if (!$result) {
            return false;
        }

        return true;
    }

    /**
     * count room matching a condition
     *
     * @param object $criteria {@link CriteriaElement} to match

Should the type for parameter $criteria not be object|null?

This check looks for @param annotations where the type inferred by our type inference engine differs from the declared type.

It makes a suggestion as to what type it considers more descriptive.

Most often this is a case of a parameter that can be null in addition to its declared types.

     * @return int count of categories
     */
    public function getCount($criteria = null)

This method seems to be duplicated in your project.

    {
        $sql = 'SELECT COUNT(*) FROM ' . $this->db->prefix('martin_room');
        if (isset($criteria) && is_subclass_of($criteria, 'criteriaelement')) {

Due to PHP Bug #53727, is_subclass_of returns inconsistent results on some PHP versions for interfaces; you could instead use ReflectionClass::implementsInterface.

            $sql .= ' ' . $criteria->renderWhere();
        }
        $result = $this->db->query($sql);
        if (!$result) {
            return 0;
        }
        list($count) = $this->db->fetchRow($result);

        return $count;
    }

    /**
     * @get       objects
     * @license   http://www.blags.org/
     * @created   :2010-05-21 20:40
     * @copyright 1997-2010 The Martin Group
     * @author    Martin <[email protected]>
     * @param null $criteria
     * @param bool $id_as_key
     * @return array
     */
    public function &getObjects($criteria = null, $id_as_key = false)
    {
        $ret   = array();
        $limit = $start = 0;

        $sql = 'SELECT r.*,rt.room_type_info,h.hotel_name FROM ' . $this->db->prefix . ('_martin_room') . " r left join " . $this->db->prefix . ("_martin_room_type") . " rt ON (r.room_type_id = rt.room_type_id ) left join " . $this->db->prefix . ("_martin_hotel") . " h ON ( h.hotel_id = r.hotel_id ) ";
        if (isset($criteria) && is_subclass_of($criteria, 'criteriaelement')) {

Due to PHP Bug #53727, is_subclass_of returns inconsistent results on some PHP versions for interfaces; you could instead use ReflectionClass::implementsInterface.

            $sql .= ' ' . $criteria->renderWhere();
            if ($criteria->getSort() != '') {
                $sql .= ' ORDER BY ' . $criteria->getSort() . ' ' . $criteria->getOrder();
            }
            $limit = $criteria->getLimit();
            $start = $criteria->getStart();
        }
        $sql .= " Group BY r.room_id ";
        //echo "<br />" . $sql . "<br />";
        $result = $this->db->query($sql, $limit, $start);

        if (!$result) {
            return $ret;
        }

        $theObjects = array();

        while ($myrow = $this->db->fetchArray($result)) {
            $room = new MartinRoom();
            $room->assignVars($myrow);
            $theObjects[$myrow['room_id']] =& $room;
            //var_dump($room);
            unset($room);
        }
        //var_dump($theObjects);

        foreach ($theObjects as $theObject) {
            if (!$id_as_key) {
                $ret[] =& $theObject;
            } else {
                $ret[$theObject->room_id()] =& $theObject;
            }
            unset($theObject);
        }

        return $ret;
    }

    /**
     * @get       room type list
     * @license   http://www.blags.org/
     * @created   :2010-05-31 20:32
     * @copyright 1997-2010 The Martin Group
     * @author    Martin <[email protected]>
     * @param int $room_type_id
     * @return array
     */
    public function getRoomTypeList($room_type_id = 0)

This method seems to be duplicated in your project.

    {
        $rows = array();
        $sql  = "SELECT * FROM " . $this->db->prefix("martin_room_type");
        $sql .= $room_type_id > 0 ? " WHERE room_type_id = $room_type_id" : "";
        $result = $this->db->query($sql);
        while ($row = $this->db->fetchArray($result)) {
            $rows[$row['room_type_id']] = $row['room_type_info'];
        }

        return $rows;
    }

    /**
     * @get       room type list
     * @license   http://www.blags.org/
     * @created   :2010-05-31 20:32
     * @copyright 1997-2010 The Martin Group
     * @author    Martin <[email protected]>
     * @param int $room_id
     * @return array
     */
    public function getRoomList($room_id = 0)

This method seems to be duplicated in your project.

    {
        $rows = array();
        $sql  = "SELECT room_id,room_name FROM " . $this->db->prefix("martin_room");
        $sql .= $room_id > 0 ? " WHERE room_id = $room_id" : "";
        $result = $this->db->query($sql);
        while ($row = $this->db->fetchArray($result)) {
            $rows[$row['room_id']] = $row['room_name'];
        }

        return $rows;
    }

    /**
     * insert update room type
     * @license   http://www.blags.org/
     * @created   :2010-05-31 20:32
     * @copyright 1997-2010 The Martin Group
     * @author    Martin <[email protected]>
     * @param $typeData
     * @return
     */
    public function insertType($typeData)

The return type could not be reliably inferred; please add a @return annotation.

Our type inference engine is quite powerful, but sometimes the code does not provide enough clues to go by. In these cases we request you to add a @return annotation as described here.

    {
        global $xoopsDB;
        if (empty($typeData)) {
            return $typeData;
        }
        foreach ($typeData as $key => $value) {
            ${$key} = $value;
        }
        if ($room_type_id > 0) {
            $sql = "UPDATE " . $xoopsDB->prefix("martin_room_type") . " set room_type_info = " . $xoopsDB->quoteString($room_type_info) . " WHERE room_type_id = " . $room_type_id;

The variable $room_type_info does not exist. Did you forget to declare it?
The variable $room_type_id does not exist. Did you forget to declare it?

        } else {
            $sql = "insert INTO " . $xoopsDB->prefix("martin_room_type") . " (room_type_id,room_type_info) VALUES (null,'$room_type_info')";
        }

        //echo $sql;exit;
        return $this->db->queryF($sql);
    }

    /**
     * @delete    room type
     * @license   http://www.blags.org/
     * @created   :2010-05-31 20:32
     * @copyright 1997-2010 The Martin Group
     * @author    Martin <[email protected]>
     * @param $typeid
     * @return
     */
    public function deleteRoomType($typeid)

The return type could not be reliably inferred; please add a @return annotation.

554
    {
555
        global $xoopsDB;
556
        if (!$typeid) {
557
            return $typeid;
558
        }
559
        $sql = "delete FROM " . $xoopsDB->prefix("martin_room_type") . " WHERE room_type_id  = " . $typeid;
560
561
        return $xoopsDB->queryF($sql);
562
    }
563
564
    /**
565
     * @get       room price
566
     * @license   http://www.blags.org/
567
     * @created   :2010年05月31日 20时32分
568
     * @copyright 1997-2010 The Martin Group
569
     * @author    Martin <[email protected]>
570
     * @param int $room_id
571
     * @param int $room_date
572
     * @return array
573
     */
574
    public function getRoomPrice($room_id = 0, $room_date = 0)
575
    {
576
        $NextMouth = mktime(0, 0, 0, date("m") + 1, date("d"), date("Y"));
577
        $Today     = mktime(0, 0, 0, date("m"), date("d"), date("Y"));
578
        $rows      = array();
579
        $sql       = "SELECT * FROM " . $this->db->prefix("martin_room_price");
580
        $sql .= ($room_id > 0) ? " WHERE room_id = " . $room_id . " " : " ";
581
        $sql .= $room_date > 0 ? "and room_date = " . strtotime($room_date) . ' ' : " and room_date BETWEEN " . $Today . " AND " . $NextMouth;
582
        $sql .= " order by room_id , room_date desc ";
583
        $result = $this->db->query($sql);
584
        while ($row = $this->db->fetchArray($result)) {
This code seems to be duplicated across your project.

Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation.

You can also find more detailed suggestions in the “Code” section of your repository.

585
            if ($room_date > 0) {
586
                return $row;
587
            }
588
            $rows[$row['room_date']] = $row;
589
        }
590
591
        return $room_date > 0 ? $rows[0] : $rows;
592
    }
593
594
    /**
595
     * @get       price list
596
     * @license   http://www.blags.org/
597
     * @created   :2010-06-01 21:45
598
     * @copyright 1997-2010 The Martin Group
599
     * @author    Martin <[email protected]>
600
     * @param     $limit
601
     * @param int $start
602
     * @return array
603
     */
604
    public function GetRoomPriceList($limit, $start = 0)
605
    {
606
        $rows = array();
607
        $sql  = "SELECT rp.*,r.room_name FROM " . $this->db->prefix("martin_room_price");
608
        $sql .= " rp left join " . $this->db->prefix("martin_room") . " r ON r.room_id = rp.room_id ";
609
        $sql .= ($room_id > 0 && $room_date > 0) ? " WHERE room_id = $room_id and room_date = " . $room_date : "";
The variable $room_id does not exist. Did you forget to declare it?

The variable $room_date does not exist. Did you forget to declare it?

610
        $sql .= " order by room_id , room_date desc ";
611
        $sql .= " limit $start,$limit ";
612
        $result = $this->db->query($sql);
613
        while ($row = $this->db->fetchArray($result)) {
This code seems to be duplicated across your project.

614
            $row['room_date'] = date('Y-m-d', $row['room_date']);
615
            $rows[]           = $row;
616
        }
617
618
        return $rows;
619
    }
620
621
    /**
622
     * @get       price count
623
     * @license   http://www.blags.org/
624
     * @created   :2010-06-01 21:45
625
     * @copyright 1997-2010 The Martin Group
626
     * @author    Martin <[email protected]>
627
     * */
628
    public function GetRoomPriceCount()
The return type could not be reliably inferred; please add a @return annotation.

This method seems to be duplicated in your project.

629
    {
630
        $sql = 'SELECT COUNT(*) FROM ' . $this->db->prefix('martin_room_price');
631
        if (isset($criteria) && is_subclass_of($criteria, 'criteriaelement')) {
The variable $criteria seems to never exist, and therefore isset should always return false. Did you maybe rename this variable?

This check looks for calls to isset(...) or empty() on variables that are yet undefined. These calls will always produce the same result and can be removed.

This is most likely caused by the renaming of a variable or the removal of a function/method parameter.

Due to PHP Bug #53727, is_subclass_of returns inconsistent results on some PHP versions for interfaces; you could instead use ReflectionClass::implementsInterface.
632
            $sql .= ' ' . $criteria->renderWhere();
633
        }
634
        $result = $this->db->query($sql);
635
        if (!$result) {
636
            return 0;
637
        }
638
        list($count) = $this->db->fetchRow($result);
639
640
        return $count;
641
    }
642
643
    /**
644
     * @clear expired data
645
     * @license   http://www.blags.org/
646
     * @created   :2010-06-01 21:45
647
     * @copyright 1997-2010 The Martin Group
648
     * @author    Martin <[email protected]>
649
     * @param int $date
650
     * @return
651
     */
652
    public function TruncatePassData($date = 0)
The return type could not be reliably inferred; please add a @return annotation.

653
    {
654
        global $xoopsDB;
655
        $date = empty($date) ? date('Y-m-d') : $date;
656
        $date = strtotime($date);
657
        $sql  = "delete FROM " . $xoopsDB->prefix("martin_room_price") . " WHERE room_date < " . $date;
658
659
        //echo $sql;exit;
660
        return $xoopsDB->query($sql);
661
    }
662
663
    /**
664
     * @delete    room date price
665
     * @license   http://www.blags.org/
666
     * @created   :2010-05-31 20:32
667
     * @copyright 1997-2010 The Martin Group
668
     * @author    Martin <[email protected]>
669
     * @param $room_id
670
     * @param $room_date
671
     * @return bool
672
     */
673
    public function deleteRoomPrice($room_id, $room_date)
674
    {
675
        global $xoopsDB;
676
        if (!$room_id || !$room_date) {
677
            return false;
678
        }
679
        $sql = "delete FROM " . $xoopsDB->prefix("martin_room_price") . " WHERE room_id  = " . $room_id . ' and room_date = ' . strtotime($room_date);
680
681
        return $xoopsDB->queryF($sql);
682
    }
683
684
    /**
685
     * @ insert room price
686
     * @license   http://www.blags.org/
687
     * @created   :2010-06-01 21:45
688
     * @copyright 1997-2010 The Martin Group
689
     * @author    Martin <[email protected]>
690
     * @param $Data
691
     * @param $IsOld
692
     * @return bool
693
     */
694
    public function InsertRoomPrice($Data, $IsOld)
695
    {
696
        //var_dump($Data);exit;
697
        global $xoopsDB;
698
        if ($IsOld) {
699
            $sql = "UPDATE " . $xoopsDB->prefix("martin_room_price") . " set
700
                room_price = {$Data['room_price']},
701
                room_is_today_special = {$Data['room_is_today_special']},
702
                room_advisory_range_small = {$Data['room_advisory_range_small']},
703
                room_advisory_range_max = {$Data['room_advisory_range_max']},
704
                room_sented_coupon = {$Data['room_sented_coupon']}
705
                WHERE room_id = {$Data['room_id']} and room_date = {$Data['room_date']}
706
                ";
707
        } else {
708
            $sql    = "insert INTO " . $xoopsDB->prefix("martin_room_price") . " (room_id,room_is_today_special,room_price,room_advisory_range_small,room_advisory_range_max,room_sented_coupon,room_date ) VALUES ";
709
            $Insert = false;
710
            foreach ($Data as $price) {
711
                if (!$this->CheckExistDate($price['room_id'], $price['room_date'])) {
712
                    $sql .= $prefix . "({$price['room_id']},{$price['room_is_today_special']},{$price['room_price']},
The variable $prefix does not seem to be defined for all execution paths leading up to this point.

If you define a variable conditionally, it can happen that it is not defined for all execution paths.

Let’s take a look at an example:

function myFunction($a) {
    switch ($a) {
        case 'foo':
            $x = 1;
            break;

        case 'bar':
            $x = 2;
            break;
    }

    // $x is potentially undefined here.
    echo $x;
}

In the above example, the variable $x is defined if you pass “foo” or “bar” as argument for $a. However, since the switch statement has no default case statement, if you pass any other value, the variable $x would be undefined.

Available Fixes

  1. Check for existence of the variable explicitly:

    function myFunction($a) {
        switch ($a) {
            case 'foo':
                $x = 1;
                break;
    
            case 'bar':
                $x = 2;
                break;
        }
    
        if (isset($x)) { // Make sure it's always set.
            echo $x;
        }
    }
    
  2. Define a default value for the variable:

    function myFunction($a) {
        $x = ''; // Set a default which gets overridden for certain paths.
        switch ($a) {
            case 'foo':
                $x = 1;
                break;
    
            case 'bar':
                $x = 2;
                break;
        }
    
        echo $x;
    }
    
  3. Add a value for the missing path:

    function myFunction($a) {
        switch ($a) {
            case 'foo':
                $x = 1;
                break;
    
            case 'bar':
                $x = 2;
                break;
    
            // We add support for the missing case.
            default:
                $x = '';
                break;
        }
    
        echo $x;
    }
    
713
                        {$price['room_advisory_range_small']},{$price['room_advisory_range_max']},
714
                        {$price['room_sented_coupon']},{$price['room_date']})";
715
                    $prefix = ',';
716
                    $Insert = true;
717
                } else {
718
                    $upSql = "UPDATE " . $xoopsDB->prefix('martin_room_price') . " SET
719
                            room_price = {$price['room_price']} ,
720
                            room_sented_coupon = {$price['room_sented_coupon']} ,
721
                            room_advisory_range_small = {$price['room_advisory_range_small']},
722
                            room_advisory_range_max = {$price['room_advisory_range_max']},
723
                            room_is_today_special = {$price['room_is_today_special']}
724
                            WHERE room_id = {$price['room_id']} and room_date = {$price['room_date']}
725
                            ";
726
                    //echo $upSql;
727
                    $xoopsDB->queryF($upSql);
728
                }
729
            }
730
731
            return $Insert ? $xoopsDB->queryF($sql) : true;
732
        }
733
734
        //echo $sql;exit;
735
        return $xoopsDB->queryF($sql);
736
    }
737
738
    /**
739
     * @check     exist
740
     * @method:
741
     * @license   http://www.blags.org/
742
     * @created   :2010-06-24 22:04
743
     * @copyright 1997-2010 The Martin Group
744
     * @author    Martin <[email protected]>
745
     * @param $room_id
746
     * @param $room_date
747
     * @return bool
748
     */
749
    public function CheckExistDate($room_id, $room_date)
This method seems to be duplicated in your project.

750
    {
751
        global $xoopsDB;
752
        $sql = 'SELECT * FROM ' . $xoopsDB->prefix('martin_room_price') . " WHERE room_id = $room_id and room_date = $room_date ";
753
754
        return is_array($xoopsDB->fetchArray($xoopsDB->query($sql)));
755
    }
756
757
    /**
758
     * @get       max add date
759
     * @license   http://www.blags.org/
760
     * @created   :2010-06-02 21:02
761
     * @copyright 1997-2010 The Martin Group
762
     * @author    Martin <[email protected]>
763
     * @param $mouth
764
     * @return int
765
     */
766
    public function GetMaxDate($mouth)
767
    {
768
        global $xoopsDB;
769
        $date    = date("Y") . '-' . $mouth . '-01';
770
        $maxdate = date("Y") . '-' . ($mouth + 1) . '-01';
771
        $date    = strtotime($date);
772
        $maxdate = strtotime($maxdate);
773
        $sql     = "SELECT max(room_date) FROM " . $xoopsDB->prefix("martin_room_price") . " WHERE room_date < $maxdate and room_date > $date ";
774
        $result  = $this->db->query($sql);
775
        if (!$result) {
776
            return 0;
777
        }
778
        list($count) = $this->db->fetchRow($result);
779
780
        return $count;
781
    }
782
783
    /**
784
     * @get       hotel room
785
     * @calculate the average
786
     * @license   http://www.blags.org/
787
     * @created   :2010-06-14 20:47
788
     * @copyright 1997-2010 The Martin Group
789
     * @author    Martin <[email protected]>
790
     * @param $hotel_id
791
     * @return array
Should the return type not be null|array?

This check compares the return type specified in the @return annotation of a function or method doc comment with the types returned by the function and raises an issue if they mismatch.

792
     */
793
    public function GetHotelRoom($hotel_id)
794
    {
795
        if (!$hotel_id > 0) {
796
            return null;
797
        }
798
        global $xoopsDB;
799
        $time            = strtotime(date('Y-m-d'));
800
        $RoomBedTypeList = getModuleArray('room_bed_type', 'order_type', true);
801
        $sql             = "SELECT r.*,rt.room_type_info,rp.*,
802
            GROUP_CONCAT(rp.room_price) as room_prices,GROUP_CONCAT(rp.room_date) as room_dates ,
803
            GROUP_CONCAT(rp.room_sented_coupon) as room_sented_coupons
804
            FROM {$xoopsDB->prefix("martin_room")} r
805
            INNER JOIN {$xoopsDB->prefix("martin_room_type")} rt ON (rt.room_type_id = r.room_type_id) ";
806
        $sql .= "INNER JOIN {$xoopsDB->prefix("martin_room_price")} rp ON (r.room_id = rp.room_id) WHERE ";
807
        $sql .= $this->check_date ? "rp.room_date BETWEEN {$this->check_date[0]} AND {$this->check_date[1]} " : "rp.room_date = $time ";
808
        $sql .= "AND r.hotel_id = $hotel_id AND r.room_status = 1 GROUP BY r.room_id ORDER BY r.room_sented_coupon DESC , r.room_id DESC ";
809
        //echo $sql;
810
        $rows   = array();
811
        $result = $xoopsDB->query($sql);
812
        while ($row = $xoopsDB->fetchArray($result)) {
813
            $room_dates                 = array();
$room_dates is not used, you could remove the assignment.

This check looks for variable assignments that are either overwritten by other assignments or where the variable is not used subsequently.

$myVar = 'Value';
$higher = false;

if (rand(1, 6) > 3) {
    $higher = true;
} else {
    $higher = false;
}

Both the $myVar assignment in line 1 and the $higher assignment in line 2 are dead. The first because $myVar is never used and the second because $higher is always overwritten for every possible time line.

814
            $room_all_price             = 0;
815
            $room_all_sended_coupon     = 0;
816
            $row['room_prices']         = explode(",", $row['room_prices']);
817
            $row['room_dates']          = explode(",", $row['room_dates']);
818
            $row['room_sented_coupons'] = explode(",", $row['room_sented_coupons']);
819
            foreach ($row['room_prices'] as $key => $room_price) {
820
                $d                  = $row['room_dates'][$key];
821
                $room_sented_coupon = $row['room_sented_coupons'][$key];
822
                if ($d >= $this->check_date[0] && $d < $this->check_date[1]) {
823
                    $room_all_price += $room_price;
824
                    $room_all_sended_coupon += $room_sented_coupon;
825
                    $room_prices[] = array('date' => date('Y-m-d', $d), 'price' => $room_price);
Coding Style / Comprehensibility
$room_prices was never initialized. Although not strictly required by PHP, it is generally a good practice to add $room_prices = array(); before regardless.

Adding an explicit array definition is generally preferable to implicit array definition as it guarantees a stable state of the code.

Let’s take a look at an example:

foreach ($collection as $item) {
    $myArray['foo'] = $item->getFoo();

    if ($item->hasBar()) {
        $myArray['bar'] = $item->getBar();
    }

    // do something with $myArray
}

As you can see in this example, the array $myArray is initialized the first time when the foreach loop is entered. You can also see that the value of the bar key is only written conditionally; thus, its value might result from a previous iteration.

This might or might not be intended. To make your intention clear, your code more readable and to avoid accidental bugs, we recommend adding an explicit initialization $myArray = array() either outside or inside the foreach loop.

826
                }
827
            }
828
            unset($row['room_prices'], $row['room_dates'], $row['room_sented_coupons']);
829
            $row['room_prices'] = $room_prices;
The variable $room_prices does not seem to be defined for all execution paths leading up to this point.

830
            if ($this->check_date) {
831
                $row['room_price']         = round(($room_all_price / $key), 2);
The variable $key seems to be defined by a foreach iteration on line 819. Are you sure the iterator is never empty, otherwise this variable is not defined?

It seems like you are relying on a variable being defined by an iteration:

foreach ($a as $b) {
}

// $b is defined here only if $a has elements, for example if $a is array()
// then $b would not be defined here. To avoid that, we recommend to set a
// default value for $b.


// Better
$b = 0; // or whatever default makes sense in your context
foreach ($a as $b) {
}

// $b is now guaranteed to be defined here.
832
                $row['room_sented_coupon'] = round(($room_all_sended_coupon / $key), 2);
833
            }
834
            $row['room_bed_type'] = $RoomBedTypeList[$row['room_bed_type']];
835
            $rows[]               = $row;
836
            unset($row, $room_prices);
837
        }
838
839
        return $rows;
840
    }
841
842
    /**
843
     * @get       room date price
844
     * @method:
845
     * @license   http://www.blags.org/
846
     * @created   :2010-07-01 22:08
847
     * @copyright 1997-2010 The Martin Group
848
     * @author    Martin <[email protected]>
849
     * @param $room_id
850
     * @param $check_in_date
851
     * @param $check_out_date
852
     * @return array|bool
853
     */
854
    public function GetRoomDatePrie($room_id, $check_in_date, $check_out_date)
855
    {
856
        global $xoopsDB;
857
        if (!$room_id || !$check_in_date || !$check_out_date) {
858
            return false;
859
        }
860
        $sql = "SELECT * FROM " . $xoopsDB->prefix("martin_room_price") . " WHERE room_id = $room_id AND room_date BETWEEN $check_in_date AND $check_out_date ";
861
862
        return $this->GetRows($sql, 'room_date');
863
    }
864
}
865